The Month in Hacks: May 2016

The vulnerability of social media platforms continued to be exposed this month as LinkedIn, MySpace, Tumblr, and even Katy Perry's personal Twitter account all made the news for issues related to recent hacks. Meanwhile, Wendy's was hit with lawsuit over their previous data breach and restaurant chain Noodles & Company is investigating reports of a credit card breach at some locations. All that and more in The Month in Hacks.

LinkedIn Increases Breech Estimate to 167M Users

On May 18, Fortune reported that LinkedIn had increased its estimate of the affected users in a 2012 data breach from 6.5 million to 167 million stolen credentials. The announcement came in light of a Russian hacker, using the handle “Peace”, offering to sell 117 million log-in credentials for 5 bitcoins ($2,300).

Katy Perry's Twitter Hijacked

Pop singer Katy Perry's Twitter account was taken over by a hostile user who used the account to send a slew of offensive Tweets to her fans, reported Mashable on May 31. The hacker, known only by the Twitter handle @sw4ylol also focused on Taylor Swift. Perry has since regained control of her account, which boasts the network's largest following at 89 million.

LinkedIn Hacker Goes After MySpace

The hacker involved in the attempt to sell LinkedIn user credentials also reportedly stole a data set of credentials for roughly 360 million MySpace accounts, reported Motherboard on May 27. This time he's selling the data for 6 bitcoins ($2,800). The stolen data includes email addresses, usernames and passwords. MySpace declined to comment on what could be the largest hack ever. MySpace users, even those with accounts that are dormant or abandoned, are encouraged to update their passwords in order to protect personal data that may still be stored on the site.

Numbers From Tumblr Hack Reach 65 Million

On May 31, the Daily Mail reported that just over 65 million usernames and passwords were stolen from Tumblr in a 2013 hack. While the social media giant has declined to specify the number of accounts compromised, security researcher Troy Hunt, who runs Have I Been Pwned (HIBP), confirmed the number after receiving a copy of the stolen information.

Wendy's Sued Over 2015 Credit Card Breach

On May 3, Dark Reading reported that First Choice Federal Credit Union filed federal suit against Wendy's, claiming negligence over the Ohio-based fast food chain's failure to update its computer system. The lawsuit claims the payment system did not comply with federal guidelines, nor did it discard credit card information soon enough. While the outcome remains to be seen, this case could have long-lasting implications for the costs associated with being breached.

E-Commerce Site Kiddicare Reveals Data Breach

On May 9, The Register reported that 795,000 customer records at online baby store Kiddiecare had been stolen. While the stolen information includes names, delivery addresses, telephone numbers and email addresses, no credit card data was compromised. Only customers who registered up to November 6, 2015 are in danger. Kiddicare has reset all passwords as a precaution.

Noodles & Company Investigates Possible Breach

On May 16, Krebs On Security reported that several financial institutions had discovered a pattern of fraudulent card charges on accounts that were used at restaurant chain Noodles & Company beginning in January of this year. Noodles & Company has alerted law enforcement and is working with forensic investigators.

Talk To An Expert

Interested in learning about how TeleSign's identity and engagement solutions can prevent fraud while fostering secure and global growth for your business? Let's chat.